# Copyright 2019 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# NOTE: This file is auto generated by the elixir code generator program.
# Do not edit this file manually.

defmodule GoogleApi.PrivateCA.V1.Model.IssuancePolicy do
  @moduledoc """
  Defines controls over all certificate issuance within a CaPool.

  ## Attributes

  *   `allowedIssuanceModes` (*type:* `GoogleApi.PrivateCA.V1.Model.IssuanceModes.t`, *default:* `nil`) - Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.
  *   `allowedKeyTypes` (*type:* `list(GoogleApi.PrivateCA.V1.Model.AllowedKeyType.t)`, *default:* `nil`) - Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.
  *   `baselineValues` (*type:* `GoogleApi.PrivateCA.V1.Model.X509Parameters.t`, *default:* `nil`) - Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail.
  *   `identityConstraints` (*type:* `GoogleApi.PrivateCA.V1.Model.CertificateIdentityConstraints.t`, *default:* `nil`) - Optional. Describes constraints on identities that may appear in Certificates issued through this CaPool. If this is omitted, then this CaPool will not add restrictions on a certificate's identity.
  *   `maximumLifetime` (*type:* `String.t`, *default:* `nil`) - Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate resource's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.
  *   `passthroughExtensions` (*type:* `GoogleApi.PrivateCA.V1.Model.CertificateExtensionConstraints.t`, *default:* `nil`) - Optional. Describes the set of X.509 extensions that may appear in a Certificate issued through this CaPool. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If a certificate request uses a CertificateTemplate with predefined_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this CaPool will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CaPool's baseline_values.
  """

  use GoogleApi.Gax.ModelBase

  @type t :: %__MODULE__{
          :allowedIssuanceModes => GoogleApi.PrivateCA.V1.Model.IssuanceModes.t() | nil,
          :allowedKeyTypes => list(GoogleApi.PrivateCA.V1.Model.AllowedKeyType.t()) | nil,
          :baselineValues => GoogleApi.PrivateCA.V1.Model.X509Parameters.t() | nil,
          :identityConstraints =>
            GoogleApi.PrivateCA.V1.Model.CertificateIdentityConstraints.t() | nil,
          :maximumLifetime => String.t() | nil,
          :passthroughExtensions =>
            GoogleApi.PrivateCA.V1.Model.CertificateExtensionConstraints.t() | nil
        }

  field(:allowedIssuanceModes, as: GoogleApi.PrivateCA.V1.Model.IssuanceModes)
  field(:allowedKeyTypes, as: GoogleApi.PrivateCA.V1.Model.AllowedKeyType, type: :list)
  field(:baselineValues, as: GoogleApi.PrivateCA.V1.Model.X509Parameters)
  field(:identityConstraints, as: GoogleApi.PrivateCA.V1.Model.CertificateIdentityConstraints)
  field(:maximumLifetime)
  field(:passthroughExtensions, as: GoogleApi.PrivateCA.V1.Model.CertificateExtensionConstraints)
end

defimpl Poison.Decoder, for: GoogleApi.PrivateCA.V1.Model.IssuancePolicy do
  def decode(value, options) do
    GoogleApi.PrivateCA.V1.Model.IssuancePolicy.decode(value, options)
  end
end

defimpl Poison.Encoder, for: GoogleApi.PrivateCA.V1.Model.IssuancePolicy do
  def encode(value, options) do
    GoogleApi.Gax.ModelBase.encode(value, options)
  end
end
